Exchange 2007 LDAP Search Time errors

We have always noticed the following error in MOM - indicating an LDAP Search Time Critical Error on our HUB/CAS Servers...  the MS range is anywhere from 111ms up to over 400ms... yet if I do a constant PING from both CAS servers... and leave them running all day long, I see no more than 1-2ms response.. and a 1ms total average over a 24 hour period.

Is this just a MOM issue reading these settings incorrectly?  We have another site in Australia, which when I see their alerts, they do see the same LDAP Critical error... yet the expected test results are all the same.

I don't really think there is any negative network performance or system performance based on these errors... but I just want to be proactive and make sure there isn't something I am missing.. or if there is something I can tweak to help prevent these problems from coming up.

Current Setup:

2 x 2008 Enterprise x64 Bit, Exchange 07 CAS/HUB Servers.  1 NLB NIC, 1 Outbound Mail NIC
2 x 2008 Enterprise x64 Bit, Exchange 07 Mailbox Servers (Clustered) 1 Public NIC, 1 Heartbeat NIC

Severity:  Critical Error
Source:  MSExchange ADAccess Domain Controllers:  LDAP Search Time:  server.domain.com
Name:  LDAP Search Time - sustained for 5 minutes - Red(>100msec).
Description:
MSExchange ADAccess Domain Controllers:  LDAP Search Time:  server.domain.com value = 114.473333333334

Knowledge base article for this alert:
http://go.microsoft.com/fwlink/?LinkID=67336&id=F6CFD328-F8BC-489F-9419-408B62CFF631. The average over last 5 samples is 114.473.

Domain:  DOMAINNAMEREMOVED
Computer:  SERVERNAMEREMOVED
Time:  12/1/2009 04:31:00
Owner:  
Alert:  http://SERVERNAMEREMOVED:1272/?v=a&id=0F8646FB-5C71-40F2-8684-CCC86E62436C
MaiMcNultyAsked:
Who is Participating?
 
Keith AlabasterConnect With a Mentor Enterprise ArchitectCommented:
Personally I wouldn't get twisted up about it. We have SCOM 2007 and get the same sort of numbers periodically. Of course ping is not the same as ldap queries - whilst a ping is straight send/receive activity at layer 3, an ldap query is effectively at the application layer, requires the responding AD server to perform the test and for the management system to get the responses back. If the AD server that responds to the query is busy then it might not be that surprising.

 
0
Question has a verified solution.

Are you are experiencing a similar issue? Get a personalized answer when you ask a related question.

Have a better answer? Share it in a comment.

All Courses

From novice to tech pro — start learning today.